Wednesday, May 2, 2012

OMB+/OWB Revoke a privilege

OWB has the habbit of only revoking or granting priviliges ont creation of a role or object. If you change a role you have to manually change them. Here is a script to revoke privileges:
 
###########################################################
#                                                            #
# (C) Ciber Nederland John Minkjan    OMB101.blogspot.com        #
#        V001    Init Version                                #
#        V002    Validated against OWB11gR2                    #
#                                                            #
############################################################
#OMBCONNECT rep_owner/rep_owner@localhost:1521:orcl USE WORKSPACE 'My_Workspace';

set OMBPROMPT ON;

set RoleList [list EVERYONE]
set ProjectList [list ENECO_DWH]
set RevokeList [list COMPILE EDIT FULL_CONTROL]

foreach Project $ProjectList {
OMBCC '/$Project';

set OracleModuleList [OMBLIST ORACLE_MODULES]
foreach OracleModule $OracleModuleList {
put $OracleModule
foreach Role $RoleList {

foreach Revoke $RevokeList {

OMBREVOKE OBJECT_PRIVILEGE $Revoke ON ORACLE_MODULE '$OracleModule' CASCADE FROM ROLE '$Role' ;
    

}
}
OMBCOMMIT;
OMBSAVE;
}
}
Till Next Time

No comments:

Post a Comment